Subscribe to Here’s the Deal, our politics
newsletter for analysis you won’t find anywhere else.
Thank you. Please check your inbox to confirm.
Next: to the growing problem of cyber-security.
For the first time ever, it's on the agenda at a biannual meeting of U.S. and China leaders this week in Washington. Those talks come amid suspicion that China is stealing intellectual property by hacking into computer networks of U.S. companies.
Ray Suarez has the story.
FIOS NOC. This is Pat. How can I help you?
At Verizon facilities around the United States, network engineers are monitoring Internet traffic. They're watching for online crimes. At places like this network operations center, they're getting better at tracking the kind of activity that signals cyber-crime, but the crooks are getting better, too.
BRYAN SARTIN, Verizon Enterprise Solutions:
There is always this Whac-A-Mole type of effect. And every time that we get a good countermeasure-type capability, a defensive capability, to really counter or deal with a specific type of threat, it pops up someplace else.
Bryan Sartin is director of investigative response at Verizon Business.
On any given day, we oftentimes are the battleground on which cyber-attacks take place. We sit between the victims and sources of cyber-attacks.
On any given day, more than 60 percent of the world's Internet traffic runs on Verizon's global network. According to this year's annual report on cyber-crime, Verizon found 96 percent of the world's cyber-espionage, stealing trade secrets and intellectual property, came from one country: China.
Security specialists say China is using theft as a national development strategy, pilfering software for wind turbines, fiberoptic cable technology, blueprints for weapons systems like the Joint Strike Fighter.
James Mulvenon keeps a close eye on the Chinese military and cyber-warfare.
JAMES MULVENON, Co-Author, "Chinese Industrial Espionage: Technology Acquisition and Military Modernization": The Chinese realized about 10 years that they had had a very shallow economic modernization. They received our components, were assembling and re-exporting it. They realized they wanted to go deeper. They wanted to do their innovation, but state-directed innovation is quite difficult. So, they realized in many cases the only way that they could jump-start the kind of indigenous innovation that they wanted was to be able to steal the technology.
Mulvenon says China moved from stealing U.S. military and government secrets to industrial espionage around five years ago.
In roughly 2007 to 2008, however, precisely the same time that this new indigenous innovation push came from Beijing, we began seeing them go after companies at the heart of the American innovation economy. And so now it's both the traditional classified computer network intrusion activity, as well as this new focus on commercial espionage.
Companies targeted by hackers and thieves won't talk about it publicly. They're loathe to let competitors or shareholders know they have had business plans, data and designs stolen.
But one veteran cyber-security investigator detected scores of important documents stolen over the course of a decade at a company that is now defunct.
BRIAN SHIELDS, Former Nortel Computer Security Official:
When we found out that we had a problem with the stealing of data out of our big document server, we found that the access was coming into our network. Where the attack was occurring was through remote access.
Brian Shields worked for Nortel, the Canadian telecommunications giant that once employed nearly 100,000 people. He said scores of documents were stolen before Nortel know the Chinese had penetrated their systems and that Nortel failed to beef up cyber-security.
We were tracing the origination of the log-in activity and saw that it was coming — mostly, went the downloads was occurring, it was coming from the Shanghai area in China.
Nortel filed for bankruptcy in 2009. I asked Brian Shields if he thought all the cyber-stealing from Nortel contributed to the downfall of the company.
Absolutely. They kept stealing, and stealing, and stealing.
One company, Huawei, the largest telecommunications company in China, is suspected of acquiring Nortel's stolen documents and, Mulvenon says, making good use of them.
There's a well-documented record of them stealing core technology from Cisco and from Nortel. And as the number of global telecommunications equipment manufactures grows smaller and smaller, I think that Huawei has directly benefited from being able to take core R&D from other people.
Huawei denies this. In an e-mail to the NewsHour, they wrote: "Huawei is a world-leading, proven and trusted information and communications technology company that invests billions of dollars in R&D annually. Tired, empty, never-substantiated, defamatory remarks are sad distractions from real-world concerns related to espionage."
The Chinese government also denies it engages in cyber-stealing from American companies and says they are victims of cyber-attacks too. The Chinese Embassy in Washington declined our request to interview the ambassador. But a government spokesman in Beijing pointed to the revelations from former NSA contractor Edward Snowden that the U.S. had tapped Chinese telecommunications lines.
Chinese Foreign Ministry Spokeswoman Hua Chunying:
HUA CHUNYING, Chinese Foreign Ministry Spokeswoman:
China hopes a certain country can stop irresponsible attacks and accusations against China, start with themselves and take practical action to strengthen mutual trust and cooperation, and jointly safeguard peace and security of the cyberspace.
The Snowden affair makes it harder to complain to the Chinese about cyber-industrial espionage, says Dmitri Alperovitch, a co-founder of CrowdStrike, a cyber-security firm.
DMITRI ALPEROVITCH, Co-Founder and CEO, CrowdStrike: I think it makes it more difficult, because we are certainly losing our moral high ground in this case, when the Chinese can say, aren't you doing the same thing to us?
Of course, what we are doing is very different. We are not hacking into Chinese companies and then turning it over and giving it to American companies. We are not engaged in economic espionage. The Chinese don't make that distinction.
One major source of Chinese cyber-espionage that has gotten a lot of attention recently is a military unit called 61398. It's located in a nondescript building in Shanghai. Mulvenon says the frequency and severity of attacks are reaching new highs, and that the U.S. government and American industries have had enough and are mobilizing.
Chinese cyber-hacking has been going on for a long time. What's new is that we're finally fed up and trying to do something about it.
Republican Congressman Mike Rogers, the chairman of the House Intelligence Committee, has proposed legislation that would deny issuing visas to Chinese citizens involved in cyber-theft, and freeze their assets, too.
REP. MIKE ROGERS, R-Mich.:
This is all about making sure that those actors that we can identify — and believe me we can identify them — they there is a cost for their cyber-espionage.
Democratic Sen. Carl Levin and three Senate co-sponsors want to take the profit out of cyber-crime. They have introduced legislation that block products that use stolen intellectual property from entering the U.S. market.
SEN. CARL LEVIN, D-Mich.:
You have got to hit people in their wallet. If you want to finally act against cyber-theft of your intellectual property, if you really want to stop it, you got to have some remedy that bites.
Some cyber-security experts demand a more direct approach. Got hackers stealing your intellectual property over the Internet? Use the Internet to go steal it back. But, right now, that's against the law.
What we want is for private companies and individuals that are victims of this activity to have authorities that they enjoy in the physical space of defense of property, today, if someone steals your data and takes it to another machine, the bad guys' machine, and you have full proof, you have logs that that activity has taken place, you are not authorized to go into that machine to take your data back.
Banks bundle money with exploding dye packs, making it easier for police to identify robbers. After the Russians invaded and unleashed a cyber-attack against Georgia in 2008, the Georgian government counter attacked with the equivalent of a cyber-dye pack.
They knew that the adversary was on a particular machine, and they placed a document that was titled "Georgia-NATO Negotiations," a Word document, on that machine. It was immediately taken by the bad guy. And when they opened it up on their machine, it beaconed back to the Georgians. They activated the Webcam. They took his picture and published that information for everyone to see.
Alperovitch says this type of cyber-counterespionage is an effective way for American companies to find who is stealing their material — effective maybe, but currently illegal.
Verizon's Bryan Sartin says he's focused on building better cyber-defenses.
If you see a flurry of activity from a particular place, can you fight back, or do you just have to get better at taking a punch all the time?
Is it possible to fight back? Yes, absolutely. But there are so many complexities that get involved, especially when you start talking about legalities, crossing borders and facets like that. And that is an, unfortunately, very, very mucky area. So we are entirely focused on defense and, as you put it, taking a punch.
Both the United States and China have a lot on the line, plenty of mutual interests, and reasons to avoid escalating cyber-war, or trade war. The two countries continue their meetings this week.
Online, one of the cyber-security experts in Ray's story, Dmitri Alperovitch, explains how to recognize hackers who are trying to access your personal data.
Support Provided By: